JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.95.194.80

47.95.194.80 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 46%: ?

46%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.95.194.80

Whois 47.95.194.80

IP Abuse Reports for 47.95.194.80:

This IP address has been reported a total of 16 times from 10 distinct sources. 47.95.194.80 was first reported on May 8th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇱 spd.co.il	2026-06-08 04:01:19 (6 hours ago)	Port scan detected on multiple ports	Port Scan
🇺🇸 sandra361	2026-06-07 08:33:01 (1 day ago)	Port scan detected: 25 attempts across 25 ports (10283,11106,12019,1241,12883,13140,15230,16390,1884 ... show more Port scan detected: 25 attempts across 25 ports (10283,11106,12019,1241,12883,13140,15230,16390,18848,20156,20321,20874,25600,29004,30096,3221,40041,52014,59027,708,8326,8743,8814,9405,9552). \| Evidence: GHOST_SCAN:IN=enp1s0 OUT= SRC=47.95.194.80 LEN=40 TOS=0x00 PREC=0x00 TTL=227 ID=47733 PROTO=TCP SPT=41154 DPT=20321 WINDOW=1024 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 baltic-lab.com	2026-06-06 14:35:12 (1 day ago)	2026-06-06T16:34:04.028994+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b: ... show more 2026-06-06T16:34:04.028994+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=47.95.194.80 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0xA0 TTL=241 ID=57896 PROTO=TCP SPT=56430 DPT=34777 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-06T16:34:24.009965+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=47.95.194.80 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0xA0 TTL=241 ID=57952 PROTO=TCP SPT=56430 DPT=15963 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-06T16:34:43.984559+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=47.95.194.80 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0xA0 TTL=241 ID=11990 PROTO=TCP SPT=56430 DPT=22037 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-06T16:35:02.568787+02:00 us kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:57:66:9b:c8:08:8b:ff:ce:a1:08:00 SRC=47.95.194.80 DST=89.117.22.226 LEN=40 TOS=0x00 PREC=0xA0 TTL=241 ID=45415 PROTO=TCP SPT=56430 DPT=5502 WINDOW=102 ... show less	Brute-Force Hacking
🇩🇪 keep_out	2026-05-28 18:03:38 (1 week ago)	Probing\(5\) HTTP Ports ...	Bad Web Bot Web App Attack
🇩🇪 _ArminS_	2026-05-24 02:36:00 (2 weeks ago)	SP-Scan 50158:63907 detected 2026.05.24 04:36:00 blocked until 2026.07.12 21:38:47	Port Scan
🇩🇪 acadeova	2026-05-18 03:35:06 (3 weeks ago)	Blocked by UFW on vps2 [30598/tcp] Source port: 55305 TTL: 242 Packet length: 40 TOS: 0x00 This rep ... show more Blocked by UFW on vps2 [30598/tcp] Source port: 55305 TTL: 242 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 ThreatBook.io	2026-05-18 00:35:17 (3 weeks ago)	ThreatBook Intelligence: IDC,iot_device more details on https://threatbook.io/ip/47.95.194.80 2026-0 ... show more ThreatBook Intelligence: IDC,iot_device more details on https://threatbook.io/ip/47.95.194.80 2026-05-17 01:14:08 / show less	Web App Attack
🇬🇧 PeravixGroup	2026-05-17 01:23:30 (3 weeks ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇬🇧 PeravixGroup	2026-05-16 18:15:44 (3 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-05-16 00:35:48 (3 weeks ago)	ThreatBook Intelligence: IDC,iot_device more details on https://threatbook.io/ip/47.95.194.80	SSH
🇬🇧 PeravixGroup	2026-05-15 08:47:34 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇭🇰 pengpeng	2026-05-15 01:52:26 (3 weeks ago)	monitor: on ser162528253480 \| port: 8385 \| ttl: 238 script: github.com/sefinek/UFW-AbuseIPDB-Report ... show more monitor: on ser162528253480 \| port: 8385 \| ttl: 238 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 acadeova	2026-05-11 03:58:26 (4 weeks ago)	Blocked by UFW on vps2 [53626/tcp] Source port: 51835 TTL: 242 Packet length: 40 TOS: 0x00 This rep ... show more Blocked by UFW on vps2 [53626/tcp] Source port: 51835 TTL: 242 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Hobby Bob	2026-05-09 11:36:50 (4 weeks ago)	2026-05-09T11:36:50.740104+00:00 server dovecot: pop3-login: Disconnected: Disconnected: Too many ba ... show more 2026-05-09T11:36:50.740104+00:00 server dovecot: pop3-login: Disconnected: Disconnected: Too many bad commands (no auth attempts in 0 secs): user=, rip=47.95.194.80, lip=X.X.X.X session= show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-09 08:24:55 (4 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 171.231.197.61

🇨🇳 122.51.143.218

🇺🇸 67.205.158.246

🇺🇸 66.132.195.51

🇹🇯 45.81.37.125

🇷🇺 194.176.114.36

🇨🇳 123.145.0.5

🇺🇸 91.230.168.92

🇺🇸 64.62.197.25

🇩🇪 43.131.23.154

🇺🇸 20.124.84.235

🇰🇷 14.63.217.28

🇮🇳 122.176.117.47

🇸🇬 121.6.81.59

🇨🇳 106.13.48.156

🇺🇸 100.51.6.16

🇦🇪 86.97.139.91

🇺🇿 84.54.73.194

🇧🇬 79.124.59.78

🇨🇳 36.153.189.66